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DETAILED ACTION 

1 . This is in response to the amendment filed on 5 November 2005. 

2. Claims 1-26 are pending in the application. 

3. Claims 1-26 have been rejected. 

Response to Arguments 

4. Applicant's arguments with respect to claims 1-26 have been considered but are moot in view 
of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

5. Claims 1-4, 10, 12, 14-16 and 22-26 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Purtell et ai U.S. Patent No. 6,950,947 Bl. 

As to claims 1, 14 and 22, Purtell et al discloses a method for traversing a firewall, 
comprising: 

initiating a first connection to go through the firewall [column 7 line 1 8 to 
column 8 line 62]; 

evaluating the first connection for a response from a remote system 
indicating a successful first connection [column 7 line 18 to column 8 line 62]; 
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initiating a second connection to go through the firewall if a successful 
first connection is not established [column 7 line 18 to column 8 line 62]; 

evaluating the second connection for a response from a remote system 
indicating a successful second connection [column 7 line 18 to column 8 line 62]; 

initiating a third connection to go through the firewall if a successful 
second connection is not established [column 7 line 18 to column 8 line 62]; and 

evaluating the third connection for a response from a remote system 
indicating a successful third connection [column 7 line 18 to column 8 line 62]. 
As to claims 2, 15 and 23, Purtell et al discloses that the first connection, the second 
connection, and the third connection is selected from the group consisting of Transmission 
Control Protocol (TCP) connection, User Datagram Protocol (UDP) connection, hypertext 
transfer protocol (HTTP) connection, hypertext transfer protocol (HTTP) connection via a proxy 
connection, and Internet Control Message Protocol (ICMP) connection [column 3 line 51 to 
column 4 line 11]. 

As to claim 3, Purtell et al discloses that initiating a TCP connection comprises initiating 
a TCP connection to a predefined address and port [column 3 line 51 to column 4 line 11]. 

As to claim 10, Purtell et al discloses using Internet Protocol (IP) [column 3 line 51 to 
column 4 line 11]. 

As to claim 12, Purtell et al discloses using Ethernet with the Transmission Control 
Protocol (TCP) [column 3 line 51 to column 4 line 11], 
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6. Claims 17-21 are rejected under 35 U.S.C. 102(b) as being anticipated by Freund U.S. 
Patent No. 5,987,611. 

As to claim 17, Freund discloses a firewall traversal system comprising: 

a main system coupled to storage [column 14 line 52 to column 15 line 

ii]; 

a communication subsystem coupled to the main system and a 
communication medium on one side of a firewall [column 5, lines 9-27]; 

a packet examining subsystem coupled to the communication subsystem 
[column 5, lines 34-50]; and 

a database system coupled to the packet examining subsystem and the 
main system [column 6, lines 13-27], 
As to claim 18, Freund discloses that the packet examining subsystem extracts port 
information [column 16, lines 8-29]. 

As to claim 19, Freund discloses that the packet examining subsystem extracts the port 
information based upon examining packet data content [column 16, lines 8-29]. 

As to claim 20, Freund discloses that the packet examining subsystem extracts address 
information [column 13, lines 34-43]. 

As to claim 21, Freund discloses that the packet examining subsystem extracts the 
address information based upon examining packet data content [column 13, lines 34-43]. 
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Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Purtell et al U.S. 
Patent No. 6,950,947 Bl as applied to claim 1 above, and further in view of Bhide et al U.S. 
Patent No. 5,852,717. 

As to claim 4, Purtell et al does not teach initiating a HTTP connection that comprises 
initiating a HTTP connection to a predefined address using port 80. 

Bhide et al teaches initiating a HTTP connection that comprises initiating a HTTP 
connection to a predefined address using port 80 [column 5, lines 9-21]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Purtell et al so that if a HTTP connection were to 
initiate between a client and server, it would have used a predefined address using port 80. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Purtell et al by the teaching of Bhide et al because it is 
well known in the art that a HTTP connection uses port 80. Establishing a connection involves 
one round-trip time from the client to the server as the client requests to open a network 
connection and the server responds that a network connection has been opened [column 5, lines 
9-21]. 
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8. Claims 5-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Purtell et al 
U.S. Patent No. 6,950,947 Bl as applied to claim 1 above, and further in view of Fuh et al 
U.S. Patent No. 6,609,154 Bl. 

As to claims 5-7 and 9, Purtell et al does not teach that initiating a HTTP connection via a 
proxy connection further comprises determining a likely proxy address and port. Purtell et al 
does not teach that determining a likely proxy address and port further comprises packet sniffing. 
Purtell et al does not teach that packet sniffing further comprises: sampling packets; extracting 
information from the sampled packets; and building a database of likely proxy addresses and 
ports. Purtell et al does not teach that extracting information from the sampled packets 
comprises examining TCP packets for HTTP data. 

Fuh et al teaches initiating a HTTP connection via a proxy connection further comprises 
determining a likely proxy address and port [column 13, lines 3-14]. Fuh et al teaches that 
determining a likely proxy address and port further comprises packet sniffing [column 9, lines 
51-67]. Fuh et al teaches that packet sniffing further comprises: sampling packets; extracting 
information from the sampled packets; and building a database of likely proxy addresses and 
ports [column 9, lines 51-67]. Fuh et al teaches that extracting information from the sampled 
packets comprises examining TCP packets for HTTP data [column 9, lines 51-67]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Purtell et al so that there would have been a HTTP 
connection initiated via a proxy connection that would have determined a likely proxy address 
and port. Packet sniffing would have occurred during the determining step of the proxy address 
and port. The firewall packet sniffing would have included sampling packets, extracting 
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information from the packets and building a database of likely proxy addresses and ports. The 
extracted information would have come from examining TCP packets for HTTP data. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Purtell et al by the teaching of Fuh et al because it makes 
sure that the client is authorized to communicate with a network resource [column 3, lines 54- 
60]. 

As to claim 8, Purtell et al teaches that extracting information from the sampled packets 
comprises extracting TCP port information [column 1 line 50 to column 2 line 3]. 
9. Claims 11 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over Purtell 
et al U.S. Patent No. 6,950,947 Bl as applied to claim 1 above, and further in view of Fuh et 
al U.S. Patent No. 6,609,154 Bl. 

As to claims 1 1 and 13, Purtell et al does not teach that initiating a HTTP connection via 
a proxy connection further comprises determining a likely proxy address by sampling packets 
and extracting IP and Ethernet addresses. 

Fuh et al teaches initiating a HTTP connection via a proxy connection further comprises 
determining a likely proxy address by sampling packets and extracting IP and Ethernet addresses 
[column 9, lines 51-67]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Purtell et al so that a HTTP connection would 
have been initiated via a proxy connection and proxy addresses would have been d3etermined by 
sampling packets and extracting IP and Ethernet address. 



Application/Control Number: 09/759,728 Page 8 

Art Unit: 2131 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Purtell et al by the teaching of Fuh et al because it makes 
sure that the client is authorized to communicate with a network resource [column 3, lines 54- 
60]. 

10, Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over Purtell et al 
U.S. Patent No. 6,950,947 Bl as applied to claim 14 above, and further in view of Linden et 
al U.S. Patent No. 6,549,773 Bl. 

As to claim 16, Purtell et al teaches examining network traffic [column 5, lines 47-67]. 

Purtell et al does not teach building a database of parameters likely to allow 
establishment of a HTTP connection via a proxy connection. 

Linden et al teaches building a database of parameters likely to allow establishment of a 
HTTP connection via a proxy connection [column 5, lines 16-26]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Purtell et al so that a database would have been 
built of parameters likely to allow establishment of a HTTP connection via a proxy connection. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Purtell et al by the teaching of Linden et al because it is 
possible to efficiently utilize functions connected with the HTTP data transmission protocol of 
the WSP/B protocol already known as such. These include, for example, GET, PUT, and POST 
requests. Consequently, the header fields of the HTTP protocol can also be utilized in the data 
transmission, as well as the headers of the HTTP protocol for authentication. Correspondingly, it 
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is possible to utilize efficiently the methods of the WWW communication network for 
authorization or data transmission [column 5, lines 16-26]. 

11. Claims 24 and 25 are rejected under 35 U.S. C. 103(a) as being unpatentable over 
Purtell et al U.S. Patent No. 6,950,947 Bl as applied to claim 22 above, and further in view 
of Fuh et al U.S. Patent No. 6,609,154 Bl. 

As to claims 24 and 25, Purtell et al does not teach means for initiating a HTTP 
connection via a proxy connection further comprises determining a likely proxy address by 
sniffing packets and extracting information from the packets. Purtell et al does not teach means 
for initiating a HTTP connection via a proxy connection further comprises determining a likely 
proxy address by receiving information from a computer connected to the firewall. 

Fuh teaches means for initiating a HTTP connection via a proxy connection further 
comprises determining a likely proxy address by sniffing packets and extracting information 
from the packets [column 9, lines 51-67]. Fuh teaches means for initiating a HTTP connection 
via a proxy connection further comprises determining a likely proxy address by receiving 
information from a computer connected to the firewall [column 9, lines 51-67]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Purtell et al so that a HTTP connection would 
have been initiated via a proxy connection. The firewall would have sniffed packets and 
extracted information from the packets. Proxy addresses would have been determined by 
receiving information from the computer connected to the firewall. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Purtell et al by the teaching of Fuh et al because it makes 
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sure that the client is authorized to communicate with a network resource [column 3, lines 54- 
60], 

12. Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over Purtell et al 
U.S. Patent No. 6,950,947 Bl as applied to claim 22 above, and further in view of 
Montenegro U.S. Patent No. 6,233,688 Bl. 

As to claim 26, Purtell et al does not teach means for updating firewall traversal 
strategies. 

Montenegro teaches means for updating firewall traversal strategies [column 6, lines 49- 

65]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Purtell et al so that there would have been a 
firewall that had means for updated firewall traversal strategies. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Purtell et al by the teaching of Montenegro because it 
keeps the firewall up to date as far as addressed to block so that the client is not compromised at 
any time [column 2, lines 7-21]. 
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Conclusion 

13. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K. Moorthy whose telephone number is 571-272-3793. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Aravind K Moorthy 

January 18,2006 „ ~ 
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SUPERVISORY PATENT EXAMINER 
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